Threat List - H
Date | Name | Description | Category |
13.11.20 | PLATYPUS: Software-based Power Side-Channel Attacks on x86 | Power side-channel attacks exploit variations in power consumption to extract secrets from a device, e.g., cryptographic keys. Prior attacks typically required physical access to the target device and specialized equipment such as probes and a high-resolution oscilloscope. | CPU Attack |
13.11.20 | DNS Cache Poisoning Attack Reloaded | In this paper, we report a series of flaws in the software stack that leads to a strong revival of DNS cache poisoning — a classic attack which is mitigated in practice with simple and effective randomization-based defenses such as randomized source port. | DNS Attack |
15.10.20 | BleedingTooth | Bluetooth vulnerabilities that a Google security researcher has identified in the Linux kernel could be exploited to run arbitrary code or access sensitive information. | Bluetooth |
23.9.20 | LokiBot Malware | This product was written by the Cybersecurity and Infrastructure Security Agency (CISA) with contributions by the Multi-State Information Sharing & Analysis Center (MS-ISAC). | Bot malware |
17.9.20 | BLURtooth Attack | Bluetooth 4.0 through 5.0 versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. | Bluetooth |
30.7.20 | | “BootHole” vulnerability in the GRUB2 bootloader opens up Windows and Linux devices using Secure Boot to attack. All operating systems using GRUB2 with Secure Boot must release new installers and bootloaders. | Vulnerability |
20.7.20 | SIGRed | DNS, which is often described as the “phonebook of the internet”, is a network protocol for translating human-friendly computer hostnames into IP addresses. Because it is such a core component of the internet, there are many solutions and implementations of DNS servers out there, but only a few are extensively used. | Vulnerability |
5.7.20 | Lamphone Attack | Spies Can Listen to Your Conversations by Watching a Light Bulb in the Room. You might not believe it, but it's possible to spy on secret conversations happening in a room from a nearby remote location just by observing a light bulb hanging in there—visible from a window—and measuring the amount of light it emits. | Hacking |
5.7.20 | Dabangg Attack | Modern Intel and AMD processors are susceptible to a new form of side-channel attack that makes flush-based cache attacks resilient to system noise, newly published research shared with The Hacker News has revealed. | CPU |
5.7.20 | SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol | Cybersecurity researchers today uncovered a new critical vulnerability affecting the Server Message Block (SMB) protocol that could allow attackers to leak kernel memory remotely, and when combined with a previously disclosed "wormable" bug, the flaw can be exploited to achieve remote code execution attacks. | Vulnerability |
5.7.20 | 'SGAxe' and 'CrossTalk' Side-Channel Attacks | Cybersecurity researchers have discovered two distinct attacks that could be exploited against modern Intel processors to leak sensitive information from the CPU's trusted execution environments (TEE). | CPU |
5.7.20 | New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users | High impact vulnerabilities in modern communication protocol used by mobile network operators (MNOs) can be exploited to intercept user data and carry out impersonation, fraud, and denial of service (DoS) attacks, cautions a newly published research. | 4G/5G |
27.5.20 | StrandHogg 2.0 - The ‘evil twin’ | New Android Vulnerability Even More Dangerous, With Attacks More Difficult to Detect Than Predecessor. Promon researchers have discovered a new elevation of privilege vulnerability in Android that allows hackers to gain access to almost all apps. | Android |
19.5.20 | BIAS: Bluetooth Impersonation AttackS | TL;DR: The Bluetooth standard provides authentication mechanisms based on a long term pairing key, which are designed to protect against impersonation attacks. | Vulnerability |
20.4.20 | Starbleed vulnerability | Field Programmable Gate Arrays, FPGAs for short, are flexibly programmable computer chips that are considered very secure components in many applications. | Vulnerability |
14.4.20 | SegmentSmack Vulnerability | "SegmentSmack" is yet another branded vulnerability, also known as CVE-2018-5390. It hit the "news" yesterday. Successful exploitation may lead to a denial of service against a targeted system. At this point, not a lot is known about this vulnerability. | Vulnerability |
10.3.20 | Intel guidance for developers in response to LVI | LVI is a new class of transient-execution attacks exploiting microarchitectural flaws in modern processors to inject attacker data into a victim program and steal sensitive data and keys from Intel SGX, a secure vault in Intel processors for your personal data. | CPU |
10.3.20 | Load Value Injection in the Line Fill Buffers (LVI-LFB) | In recent years, several researchers have discovered and disclosed a series of vulnerabilities named microarchitectural side channel attacks. A side channel attack relies on careful measurements made by an attacker to determine the value of a secret located inside the victim memory (which is normally inaccessible to the attacker). The initial “wave” of side-channel attacks includes Meltdown and Spectre | CPU |
10.3.20 | Load Value Injection (LVI) | This technical deep dive expands on the information in the Load Value Injection (LVI) disclosure overview for software developers. Note that this documentation will use more precise (but different) terminology for transient execution side channel methods than we have used in past documents. Be sure to review the updated terminology guide and the list of affected processors. | CPU |
10.3.20 | Take A Way: Exploring the Security Implications of AMD’s Cache Way Predictors | To optimize the energy consumption and performance of their CPUs, AMD introduced a way predictor for the L1-data (L1D) cache to predict in which cache way a certain address is located. Consequently, only this way is accessed, significantly reducing the power consumption of the processor. | CPU |
6.3.20 | Intel x86 Root of Trust | The scenario that Intel system architects, engineers, and security specialists perhaps feared most is now a reality. A vulnerability has been found in the ROM of the Intel Converged Security and Management Engine (CSME). | ROM BIOS |
6.3.20 | Point-to-Point Protocol (PPP) Vulnerability | The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon (pppd) software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices. | Protocol |
26.2.20 | Kr00k Vulnerability | Kr00k – formally known as CVE-2019-15126 – is a vulnerability in Broadcom and Cypress Wi-Fi chips that allows unauthorized decryption of some WPA2-encrypted traffic. | Wifi |
17.2.20 | Dozen Vulnerabilities | A Dozen Vulnerabilities Affect Millions of Bluetooth LE Powered Devices | Bluetooth |
11.12.19 | Plundervolt | Modern processors are being pushed to perform faster than ever before - and with this comes increases in heat and power consumption. To manage this, many chip manufacturers allow frequency and voltage to be adjusted as and when needed. But more than that, they offer the user the opportunity to modify the frequency and voltage through privileged software interfaces. | CPU |
9.12.19 | The StrandHogg vulnerability | Promon security researchers have found proof of a dangerous Android vulnerability, dubbed ‘StrandHogg’, that allows real-life malware to pose as legitimate apps, with users unaware they are being targeted. | OS |
20.11.19 | iTLB multihit | iTLB multihit is an erratum where some processors may incur a machine check error, possibly resulting in an unrecoverable CPU lockup, when an instruction fetch hits multiple entries in the instruction TLB. This can occur when the page size is changed along with either the physical address or cache type. A malicious guest running on a virtualized system can exploit this erratum to perform a denial of service attack. | CPU |
20.11.19 | Jump Conditional Code Erratum | Starting with the second-generation Intel® Core™ Processors and Intel® Xeon® E3-1200 Series Processors (formerly codenamed Sandy Bridge) and later processor families, the Intel® microarchitecture introduces a microarchitectural structure called the Decoded ICache (also called the Decoded Streaming Buffer or DSB). | CPU |
13.11.19 | TPM—Fail | Trusted Platform Module (TPM) serves as a root of trust for the operating system. TPM is supposed to protect our security keys from malicious adversaries like malware and rootkits. | CPU |
13.11.19 | TSX Speculative Attack | A new speculative vulnerability called ZombieLoad 2, or TSX Asynchronous Abort, has been disclosed today that targets the Transactional Synchronization Extensions (TSX) feature in Intel processors. | CPU |
13.11.19 | MDS Attack | The RIDL and Fallout speculative execution attacks allow attackers to leak private data across arbitrary security boundaries on a victim system, for instance compromising data held in the cloud or leaking your data to malicious websites. | CPU |
19.9.19 | Simjacker Attack | Following extensive research, AdaptiveMobile Security has uncovered a new and previously undetected vulnerability. This vulnerability is currently being exploited and is being used for targeted surveillance of mobile phone users. | SIM Attack |
10.8.19 | SWAPGS Attack | The SWAPGS Attack, as they call it, circumvents the protective measures that have been put in-place in response to earlier attacks such as Spectre and Meltdown. Still, there is plenty of good news: Microsoft has already released Windows patches for the flaw that makes the attack possible and, even though feasible, the researchers don’t expect the attack to be exploited for widespread, non-targeted attacks. | CPU |
10.3.19 | Thunderclap | Direct Memory Access (DMA) attacks have been known for many years: DMA-enabled I/O peripherals have complete access to the state of a computer and can fully compromise it including reading and writing all of system memory. With the popularity of Thunderbolt 3 over USB Type-C and smart internal devices, opportunities for these attacks to be performed casually with only seconds of physical access to a computer have greatly broadened. | Hardware |
27.9.18 | | UEFI rootkits are widely viewed as extremely dangerous tools for implementing cyberattacks, as they are hard to detect and able to survive security measures such as operating system reinstallation and even a hard disk replacement. | Hardware |
21.8.18 | | Recently, our researchers came across a shortcoming in the design of Android’s use of storage resources. Careless use of External Storage by applications may open the door to an attack resulting in any number of undesired outcomes, such as silent installation of unrequested, potentially malicious, apps to the user’s phone, denial of service for legitimate apps, and even cause applications to crash, opening the door to possible code injection that would then run in the privileged context of the attacked application. | Hardware |
21.8.18 | | Fax, the brilliant technology that lifted mankind out of the dark ages of mail delivery when only the postal service and carrier pigeons were used to deliver a physical message from a sender to a receiver. Technology wise, however, that was a long time ago. Today we are light years away from those dark days. In its place we have email, chat messengers, mobile communication channels, web-services, satellites using quantum messaging and more. | Hardware |
15.8.18 | | TLBleed is a new side channel attack that has been proven to work on Intel CPUs with Hyperthreading (generally Simultaneous Multi-threading, or SMT, or HT on Intel) enabled. It relies on concurrent access to the TLB, and it being shared between threads. We find that the L1dtlb and the STLB (L2 TLB) are shared between threads on Intel CPU cores. | CPU |
22.10.18 | | CVE 2018-3620 | CPU |
22.10.18 | | CVE 2018-3646 | CPU |
15.8.18 | Foreshadow v5 | Foreshadow is a vulnerability that affects modern microprocessors that was first discovered by two independent teams of researchers in January 2018, but was first disclosed to the public on 14 August 2018. The vulnerability is a speculative execution attack on Intel processors that may result in the loss of sensitive information stored in personal computers, or third party clouds. There are two versions: the first version (original/Foreshadow) (CVE-2018-3615) targets data from SGX enclaves; and the second version (next-generation/Foreshadow-NG) (CVE-2018-3620 and CVE-2018-3646) targets Virtual Machines (VMs), hypervisors (VMM), operating system (OS) kernel memory, and System Management Mode (SMM) memory. | CPU |
15.8.18 | Meltdown v3 | Meltdown is a hardware vulnerability affecting Intel x86 microprocessors, IBM POWER processors, and some ARM-based microprocessors. It allows a rogue process to read all memory, even when it is not authorized to do so. | CPU |
22.10.18 | Spectre-NG | 2018-3665 Lazy FP State Restore | CPU |
22.10.18 | Spectre-NG | 2018-3693 Bounds Check Bypass Store (BCBS) | CPU |
22.10.18 | Spectre-NG v4 | Speculative Store Bypass (SSB) | CPU |
22.10.18 | Spectre-NG v3a | On May 21, 2018, Intel published information on the first two Spectre-NG class side-channel vulnerabilities CVE-2018-3640 (Rogue System Register Read, Variant 3a) and CVE-2018-3639 (Speculative Store Bypass, Variant 4), also referred to as Intel SA-00115 and HP PSR-2018-0074, respectively. | CPU |
22.10.18 | Spectre v2 | On March 15, 2018, Intel reported that it will redesign its CPUs (performance losses to be determined) to help protect against the Spectre and related Meltdown vulnerabilities (especially, Spectre variant 2 and Meltdown, but not Spectre variant 1), and expects to release the newly redesigned processors later in 2018. On October 8, 2018, Intel is reported to have added hardware and firmware mitigations regarding Spectre and Meltdown vulnerabilities to its latest processors. On October 18, 2018, MIT researchers suggested a new mitigation approach, called DAWG (Dynamically Allocated Way Guard), which may promise better security without compromising performance. | CPU |
15.8.18 | Spectre v1 | Spectre is a vulnerability that affects modern microprocessors that perform branch prediction. On most processors, the speculative execution resulting from a branch misprediction may leave observable side effects that may reveal private data to attackers. For example, if the pattern of memory accesses performed by such speculative execution depends on private data, the resulting state of the data cache constitutes a side channel through which an attacker may be able to extract information about the private data using a timing attack. | CPU |